File integrity monitoring and antivirus

- [Instructor] In addition to all…the network-based tools we've discussed so far,…there are a few host-based tools…that we can use during our security assessments…like file integrity monitoring and antivirus.…File integrity monitoring is a form…of host-based intrusion detection system…that creates a hash digest of every file being monitored.…If the file is changed or altered,…it's hash would also be altered,…and this would create an alert on the system.…This technique is usually conducted…on an operating system level…and is done for operating system and application files.…

File integrity monitoring is a requirement of PCI-DSS,…Sarbanes-Oxley Act,…Federal Information Security Management Act,…Health Insurance Portability and Accountability Act,…and the SANS Critical Security Controls.…As you already know, it's imperative…that you have antivirus protection installed…on your host as a protection mechanism.…But this antivirus can also be useful…during a security assessment.…This is because it provides us another source of logging…

Resume Transcript Auto-Scroll

Author

Released

Testing the security of an enterprise network ensures a business can withstand today's threats. The third domain of the CompTIA Advanced Security Practitioner (CASP+) certification—Enterprise Security Operations—assesses whether you understand the basics of penetration testing and the tools and techniques attackers use to infiltrate your network. This course helps you prepare for the CASP+ exam, while deepening your knowledge of security assessments, vulnerability assessments, penetration tests, and incident response and recovery. Follow along with instructor Jason Dion as he covers topics such as reconnaissance, auditing, code reviews, and the tools used during containment and recovery. By the end of the course, you'll be one step closer to CASP+ certification—a key tool for demonstrating your advanced cybersecurity knowledge to prospective employers and clients.

We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.